A A.I CyberSecurity Scoring
A
Company Information
Website:https://www.acesaba.com/careers1/
Employees number:2,562
Number of followers:12,022
NAICS:6241
Industry Type:Individual and Family Services
Homepage:acesaba.com
A Risk Score (AI oriented)
Between 650 and 699
AIndividual and Family Services
Updated:
09/03/2026
09/03/2026
677/1000
Weak
B
A Global Score (TPRM)
xxxx
AIndividual and Family Services
Score locked

AWeak
Current Score
677B (WEAK)
01000
1 incidents
-97 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
683
JUNE 2026
682
MAY 2026
680
APRIL 2026
679
MARCH 2026
677
FEBRUARY 2026
676
JANUARY 2026
675
DECEMBER 2025
673
NOVEMBER 2025
766
Ransomware
01 Nov 2025 • A
Non-profit mental health provider and Educational facility for autistic children: North Korean Hackers Using Medusa Ransomware in Attacks on U.S. Healthcare Sector
North Korean Hackers Deploy Medusa Ransomware in U.S. Healthcare Attacks
669
CRITICAL-97
ACENON1772051729
North Korean Hackers Deploy Medusa Ransomware in U.S. Healthcare Attacks
A joint investigation by Symantec and the Carbon Black Threat Hunter Team has revealed that North Korean state-sponsored hackers, specifically the Lazarus Group, are targeting U.S. healthcare organizations and non-profits with Medusa ransomware. The attacks, linked to the Reconnaissance General Bureau (RGB) of North Korea’s government, blend espionage with financially motivated cybercrime.
Medusa, a ransomware-as-a-service (RaaS) operation active since 2023, operates under a double-extortion model encrypting data and threatening to leak or auction stolen information if ransoms go unpaid. While Lazarus has previously used Maui and Play ransomware, recent evidence confirms its shift to Medusa in campaigns since November 2025. Victims include a non-profit mental health provider and an educational facility for autistic children, with average ransom demands reaching $260,000.
A Lazarus subgroup, Stonefly (aka Andariel), is suspected of involvement. The group, historically focused on espionage, has increasingly turned to ransomware attacks on healthcare targets over the past five years. The U.S. Department of Justice has indicted Rim Jong Hyok, a North Korean national allegedly tied to the RGB, for his role in these attacks, which are believed to fund broader espionage operations.
Symantec and Carbon Black have tracked 366 Medusa ransomware attacks, though the group claims over 500 victims, including more than 40 healthcare organizations. Indicators of compromise (IoCs) and tools used in the campaigns have been shared to aid detection. While attribution to a specific Lazarus subgroup remains unclear, the evidence firmly ties the attacks to the broader Lazarus collective.
INCIDENT DETAILS -
TYPE
MOTIVATION
DATA BREACH
REFERENCES
OCTOBER 2025
766
SEPTEMBER 2025
766
AUGUST 2025
766
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for A ??
What was A's A.I Rankiteo Cyber Score in June 2026 ??
What was A's A.I Rankiteo Cyber Score in May 2026 ??
What was A's A.I Rankiteo Cyber Score in April 2026 ??
What was A's A.I Rankiteo Cyber Score in March 2026 ??
What was A's A.I Rankiteo Cyber Score in February 2026 ??
What was A's A.I Rankiteo Cyber Score in January 2026 ??
What was A's A.I Rankiteo Cyber Score in December 2025 ??
What was A's A.I Rankiteo Cyber Score in November 2025 ??
What was A's A.I Rankiteo Cyber Score in October 2025 ??
What was A's A.I Rankiteo Cyber Score in September 2025 ??
What was A's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on A's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with A ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view A's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?